CVE-2007-6004

Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an artikel action or (2) the katid parameter in a produk action.

Publication date: Fri, 16 Nov 2007 04:46:00 +0000

Cyber News related to CVE-2007-6004

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
6 years ago

CVE-2007-6004 - Multiple SQL injection vulnerabilities in index.php in Toko Instan 7.6 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in an artikel action or (2) the katid parameter in a produk action. ...
7 years ago

CVE-1999-1566 - Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters. ...
16 years ago

CVE-2004-1791 - The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access. ...
16 years ago

CVE-2013-6004 - Session fixation vulnerability in Cybozu Garoon before 3.7.2 allows remote attackers to hijack web sessions via unspecified vectors. ...
11 years ago

CVE-2014-6004 - The Pocket Cam Photo Editor (aka mobi.pocketcam.editor) application 3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted ...
10 years ago

CVE-2015-6004 - Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device ...
8 years ago

CVE-2004-1790 - Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL. ...
7 years ago

CVE-2008-6004 - Cross-site scripting (XSS) vulnerability in search.php in AJ Auction Pro Platinum 2 allows remote attackers to inject arbitrary web script or HTML via the product parameter. ...
7 years ago PLATINUM

CVE-2018-6004 - SQL Injection exists in the File Download Tracker 3.0 component for Joomla! via the dynfield[phone] or sess parameter. ...
6 years ago

CVE-2019-6004 - Open redirect vulnerability in ApeosWare Management Suite Ver.1.4.0.18 and earlier, and ApeosWare Management Suite 2 Ver.2.1.2.4 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified ...
5 years ago

CVE-2018-14241 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious ...
5 years ago

CVE-2017-6004 - The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a ...
3 years ago

CVE-2006-6004 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none ...
55 years ago Tenable.com

CVE-2023-6004 - A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through ...
5 months ago

CVE-2024-6004 - ...
55 years ago

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago

CVE-2016-0012 - Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, ...
6 years ago

CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
6 years ago

CVE-2015-0085 - Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold ...
6 years ago

CVE-2007-4246 - Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), ...
7 years ago

CVE-2007-0222 - Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably "\.." sequences in the beanId parameter. NOTE: this is ...
6 years ago

CVE-2007-2135 - The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS.FND_DOCUMENTS table via the ADI_DISPLAY_REPORT function, when passed a certain parameter. NOTE: due to lack of details from ...
6 years ago

CVE-2007-2170 - The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not check for valid sessions, which allows remote attackers to delete arbitrary nodes. NOTE: due to lack of details from Oracle, it is not clear whether this issue is related to other ...
6 years ago

CVE-2007-2841 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3947. Reason: This candidate is a reservation duplicate of CVE-2007-3947. Notes: All CVE users should reference CVE-2007-3947 instead of this candidate. All references and ...
55 years ago Tenable.com

Latest Cyber News

Nakivo Backup & Replication Tool Vulnerability Allows Attackers to Read Arbitrary Files - 5 minutes ago
Hacker behind over 90 high-profile data leaks worldwide arrested in Thailand | The Record from Recorded Future News - 25 minutes ago
Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data - 29 minutes ago
Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications - 1 hour ago
New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins - 1 hour ago
PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access - 1 hour ago
Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data - 3 hours ago
1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet - 4 hours ago
New GitHub Scam With Thousand of “mods" & "cracks" Steal Your Data - 4 hours ago
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users - 5 hours ago
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System - 5 hours ago
18 Best Web Filtering Solutions - 2025 - 5 hours ago
DeepSeek Data Leak - 12,000 Hardcoded Live API keys and Passwords Exposed - 9 hours ago
Vo1d malware botnet grows to 1.6 million Android TVs worldwide - 14 hours ago
New Vo1d botnet variant infects 1.6 million Android TVs worldwide - 14 hours ago
CVE-2025-25730 - 15 hours ago
CVE-2025-25570 - 15 hours ago
CVE-2025-26264 - 15 hours ago
CVE-2025-26325 - 15 hours ago
Privacy tech firms warn France’s encryption and VPN laws threaten privacy - 16 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
Kimsuky - 1 year ago
23andMe - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Nakivo Backup & Replication Tool Vulnerability Allows Attackers to Read Arbitrary Files - 5 minutes ago
Hacker behind over 90 high-profile data leaks worldwide arrested in Thailand | The Record from Recorded Future News - 25 minutes ago
Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data - 29 minutes ago
Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications - 1 hour ago
New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins - 1 hour ago
PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access - 1 hour ago
Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data - 3 hours ago
1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet - 4 hours ago
New GitHub Scam With Thousand of “mods" & "cracks" Steal Your Data - 4 hours ago
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users - 5 hours ago
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System - 5 hours ago
18 Best Web Filtering Solutions - 2025 - 5 hours ago
DeepSeek Data Leak - 12,000 Hardcoded Live API keys and Passwords Exposed - 9 hours ago
CVE-2018-9994 - 1 year ago
CVE-2018-9329 - 1 year ago
CVE-2018-9324 - 1 year ago
CVE-2018-9323 - 1 year ago
CVE-2018-9321 - 1 year ago
CVE-2018-9319 - 1 year ago
CVE-2018-9317 - 1 year ago